package com.example.demo1.controller;

import org.springframework.http.HttpHeaders;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.time.LocalDateTime;

@RestController
@RequestMapping("/oauth")
public class OauthController {
    /*
{
  "_meta": {
    "disable": false
  },
  "disable": false,
  "functions": [
    "return function(conf, ctx)\n    local ngx = require \"ngx\"\n    local core = require(\"apisix.core\")\n    local cjson = require (\"cjson\")\n    local token = ngx.var.http_authorization\n    if not token then\n        local args = ngx.req.get_uri_args()\n        token = args[\"access_token\"]\n        if not token then\n            ngx.status = ngx.HTTP_UNAUTHORIZED\n            local error_msg = {msg = \"If the token does not exist, illegal login is liable\", code = 401, status = \"UNAUTHORIZED\"}\n            ngx.say(cjson.encode(error_msg))\n            ngx.exit(ngx.HTTP_UNAUTHORIZED)\n        end\n    end \n        \n    local http = require \"resty.http\"\n    local httpc = http.new()\n    ngx.log(ngx.WARN,\"the second step：a token verification request: \" .. token)\n    local res, err = httpc:request_uri(\n        \"http://demo.devops-tools/oauth/check_token\", {\n            method = \"GET\",\n            headers = {\n                [\"Authorization\"] = \"Bearer \" .. token,\n                [\"Content-Type\"] = \"application/json\"\n            }\n        })\n    ngx.log(ngx.WARN, \"The response status of the authentication interface is: \", res.status)\n    if res.status ~= 200 then        \n        ngx.log(ngx.WARN, \"The token verification interface request failed,status:\", res.status)\n        ngx.status = ngx.HTTP_UNAUTHORIZED\n        ngx.say(\"Unauthorized\")\n        ngx.exit(ngx.HTTP_UNAUTHORIZED)\n    else     \n        local upstream_headers = ngx.req.get_headers()\n        for k, v in pairs(upstream_headers) do\n            core.request.set_header(ctx,k, v)\n        end   \n        if not ngx.var.http_authorization then\n            core.request.set_header(ctx, \"Authorization\", \"Bearer \" .. token)\n        end\n        ngx.log(ngx.WARN, \"The token verification interface request succeeded,status:\", res.status)\n    end\nend"
  ],
  "phase": "access"
}
     */
    @GetMapping("/check_token")
    public String checkToken(@RequestHeader(value = "Authorization") String authorization) {
        System.out.println("###time：" + LocalDateTime.now());
        System.out.println("###/check_token Authorization：" + authorization);
        return "ok";
    }

    /*
    获取 core.request.get_method() 会报错
        {
      "_meta": {
        "disable": false
      },
      "disable": false,
      "functions": [
        "return function(conf, ctx)\n    local ngx = require \"ngx\"\n    local core = require(\"apisix.core\")\n    local cjson = require (\"cjson\")\n    local token = ngx.var.http_authorization\n    if not token then\n        local args = ngx.req.get_uri_args()\n        token = args[\"access_token\"]\n        if not token then\n            ngx.status = ngx.HTTP_UNAUTHORIZED\n            local error_msg = {msg = \"If the token does not exist, illegal login is liable\", code = 401, status = \"UNAUTHORIZED\"}\n            ngx.say(cjson.encode(error_msg))\n            ngx.exit(ngx.HTTP_UNAUTHORIZED)\n        end\n    end \n        \n    ngx.log(ngx.WARN,\"the second step：a token verification request: \" .. token)\n    local http = require \"resty.http\"\n    local httpc = http.new()    \n--************************第一步：请求token校验是否合法********************************************\n    local res, err = httpc:request_uri(\n        \"http://demo.devops-tools/oauth/check_token\", {\n            method = \"GET\",\n            headers = {\n                [\"Authorization\"] = token,\n                [\"Content-Type\"] = \"application/json\"\n            }\n        })  \n    if not res or res.status ~= 200 then\n        ngx.log(ngx.WARN, \"The token verification interface request failed,status:\", res.status)\n        ngx.status = ngx.HTTP_UNAUTHORIZED\n        ngx.say(\"Unauthorized\")\n        ngx.exit(ngx.HTTP_UNAUTHORIZED)\n    end\n    --************************第二步：请求token校验是否有权限********************************************\n    res, err  = httpc:request_uri(\n        \"http://demo.devops-tools/oauth/verify/permission\", {\n            method = \"GET\",\n            headers = {\n                [\"Authorization\"] = token,\n                [\"Content-Type\"] = \"application/json\",\n                [\"X-Forwarded-Proto\"] = core.request.get_scheme(ctx),\n                [\"X-Forwarded-Method\"] = core.request.get_method(),\n                [\"X-Forwarded-Host\"] = core.request.get_host(ctx),\n                [\"X-Forwarded-Uri\"] = ctx.var.request_uri,\n                [\"X-Forwarded-For\"] = core.request.get_remote_client_ip(ctx)\n            }\n    })\n    if not res or res.status ~= 200 then\n        ngx.status = 403\n        ngx.say(\"Forbidden\")\n        ngx.exit(403)    \n    elseif res.status == 200 then   \n        local upstream_headers = ngx.req.get_headers()\n        for k, v in pairs(upstream_headers) do\n            core.request.set_header(ctx,k, v)\n        end   \n        if not ngx.var.http_authorization then\n            core.request.set_header(ctx, \"Authorization\", \"Bearer \" .. token)\n        end\n        ngx.log(ngx.WARN, \"The token verification interface request succeeded,status:\", res.status)\n    end\nend"
      ],
      "phase": "access"
    }
     */
    @GetMapping("/verify/permission")
    public String verifyPermission(@RequestHeader HttpHeaders headers) {
        System.out.println("###time：" + LocalDateTime.now());
        System.out.println("###/verify/permission X-Forwarded-Method：" + headers.get("X-Forwarded-Method"));
        System.out.println("###/verify/permission X-Forwarded-Host：" + headers.get("X-Forwarded-Host"));
        System.out.println("###/verify/permission X-Forwarded-Uri：" + headers.get("X-Forwarded-Uri"));
        System.out.println("###/verify/permission X-Forwarded-For：" + headers.get("X-Forwarded-For"));

        return "ok";
    }

    public static void main(String[] args) {
        System.out.println("###time：" + LocalDateTime.now());
    }
}
